CVE-2024-22255
HIGH EXPLOITED RANSOMWAREVMware ESXi, Workstation, and Fusion - Info Disclosure
Title source: llmExploitation Summary
CVE-2024-22255 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns.
Description
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
References (1)
Core 1
Core References
Vendor Advisory
https://www.vmware.com/security/advisories/VMSA-2024-0006.html
Scores
CVSS v3
7.1
EPSS
0.0498
EPSS Percentile
89.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
VulnCheck KEV
2024-10-11
Ransomware Use
Confirmed
CWE
CWE-770
Status
published
Products (6)
vmware/cloud_foundation
4.0 - 5.0
vmware/esxi
7.0 (25 CPE variants)
vmware/esxi
7.0.0 b
vmware/esxi
8.0 (8 CPE variants)
vmware/fusion
13.0.0 - 13.5.1
vmware/workstation
17.0.0 - 17.5.1
Published
Mar 05, 2024
Tracked Since
Feb 18, 2026